Scott T. Lyon

Scott T. Lyon is an M&R partner whose expertise in technology, cybersecurity and data privacy is particularly relevant given today’s business climate. In addition to evaluating and implementing effective information security practices, Scott also manages data breach responses and notifications for his clients, guiding them through the complicated state, federal and international legal obligations that arise when a data breach occurs.

As both a lawyer and IT professional, Scott employs his legal and technical knowledge in counseling a wide range of organizations in an array of industries (including financial services, insurance, advertising, digital media, hospitality, technology and retail) on improving their cybersecurity and data privacy programs and developing policies to quickly mitigate and recover from cyberattacks. While some law firms focus primarily on breach response, Scott and the M&R Cybersecurity & Privacy team leverage their technical expertise to offer the full-spectrum of pre- and post-breach services: assisting clients in performing risk assessments, developing data governance policies, working with vendors and partners to establish third party service provider security policies and contract terms, developing and testing incident response plans, assisting with breach response and notification, defending clients in data breach litigation, and building and implementing comprehensive organization-wide cybersecurity programs. Scott also helps clients comply with rapidly evolving cybersecurity and privacy regulations, including the New York Department of Financial Services (NY DFS) cybersecurity regulations, EU General Data Protection Regulation (GDPR) and others.

In the course of his career, Scott has been awarded numerous security and privacy certifications, including but not limited to CompTIA’s CySA+ (Cybersecurity Analyst), Security+, and A+ certifications, demonstrating IT mastery of cybersecurity technologies and practices. In addition, he has been designated as a Fellow of Information Privacy (FIP) and a Certified Information Privacy Professional, United States (CIPP/US) by the International Association of Privacy Professionals (IAPP), bestowed upon professionals who have demonstrated broad knowledge and experience in U.S. privacy and security laws and regulations. On top of this, Scott is a Certified Information Privacy Technologist (CIPT) which reveals his proficiency in the technical implementation of IT and engineering technologies relating to privacy and security.

A reasoned and pragmatic lawyer to his core, Scott is a graduate of the University of South Florida Circuit Court Civil Mediation Training program and serves as a certified mediator for the U.S. District Court for the Middle District of Florida.

Represented multiple information technology consulting clients in acquisition of established IT consulting firms.

Drafted vendor and subcontractor agreements for national information technology client, as well as employment agreements, non-competition agreements and various other transactional documents. Drafted and negotiated website and branding design agreements.

Represented national IT consulting firm in breach of contract suit against staffing provider for services performed on behalf of national bank.

Represented national IT consulting firm in collection action based on breach of master services agreement by former client. Successfully obtained arbitration award and payment for client in full amount of damages and attorneys’ fees.

Represented printing company against allegations of sexual harassment, gender discrimination and hostile work environment claims by former employee. Succeeded in obtaining summary judgment for client after demonstrating numerous inconsistencies in plaintiff’s deposition.

Represented national healthcare company in criminal investigation stemming from death of resident following treatment at client’s facility. Successfully settled potential claims after demonstrating insufficient evidence of alleged trauma.